PCI compliance contributes to false sense of security
Despite industry data to the contrary, a new Tripwire retail cybersecurity survey indicates that organizations that rely on PCI compliance as the core of their information …
PC gamers increasingly under attack
Many gamers either disable their security or remove it altogether, thereby sacrificing protection to maximize system performance and leaving themselves vulnerable to …
0-days found in Symantec Endpoint Protection
While testing of the systems and networks of a financial services company, a team of penetration testers from Offensive Security have unearthed a number of vulnerabilities, …
IoT devices are filled with security flaws, researchers warn
We are living in an increasingly interconnected world, and the so-called Internet of Things is our (inescapable) future. But how safe will we, our possessions and our …
Free iPhone app for encrypted phone calls released
There is finally a free alternative for all iOS users who are looking to encrypt their voice calls: the app is called Signal, and has been developed by the Open Whisper …
375 million customer records compromised in 2014
Between April and June of this year, there were a total of 237 breaches that compromised more than 175 million customer records of personal and financial information …
6 best practices to assure PCI compliance
With recent PCI DSS compliance incidents costing companies millions of pounds in fines and losses and inflicting damage to valuable brand reputations, Netwrix is urging …
97% of Global 2000 remain vulnerable to due to Heartbleed
97 percent of Global 2000 organizations’ public-facing servers remain vulnerable to cyber attacks due to incomplete Heartbleed remediation, according to Venafi. This …
Continuous monitoring for enterprise incident response
Qualys has further bolstered its Continuous Monitoring (CM) cloud service. The latest features include automated alerts for changes in perimeter IP addresses, as well as a new …
Researchers successfully attack Android through device’s speaker
A group of researchers from the Chinese University of Hong Kong have demonstrated that even applications with zero permissions can be used to launch attacks that allow …
Android Fake ID bug allows malware to impersonate trusted apps
The Bluebox Security research team has unearthed another critical Android vulnerability. Named “Fake ID,” the security bug can be used by malicious applications to …
I2P patched against de-anonymizing 0-day, Tails integration still to follow
Developers of the I2P anonymous networking tool have released a new version (0.9.14) of the tool that fixes XSS and remote execution vulnerabilities reported by Exodus …